Merge branch 'develop' of gitee.com:fusenpack/fusenapi into develop
This commit is contained in:
momo
commit
62e0c55939
|
|
@ -6,3 +6,18 @@ import "context"
|
||||||
func (u *LdapUserModel) Create(ctx context.Context, data *LdapUser) error {
|
func (u *LdapUserModel) Create(ctx context.Context, data *LdapUser) error {
|
||||||
return u.db.WithContext(ctx).Model(&LdapUser{}).Create(&data).Error
|
return u.db.WithContext(ctx).Model(&LdapUser{}).Create(&data).Error
|
||||||
}
|
}
|
||||||
|
func (u *LdapUserModel) Update(ctx context.Context, userDN string, data *LdapUser) error {
|
||||||
|
return u.db.WithContext(ctx).Model(&LdapUser{}).Where("user_dn = ?", userDN).Updates(&data).Error
|
||||||
|
}
|
||||||
|
|
||||||
|
func (u *LdapUserModel) Delete(ctx context.Context, id int64) error {
|
||||||
|
return u.db.WithContext(ctx).Model(&LdapUser{}).Where("id = ?", id).Delete(&LdapUser{}).Error
|
||||||
|
}
|
||||||
|
|
||||||
|
func (u *LdapUserModel) GetAllByIds(ctx context.Context, ids []int64) (resp []LdapUser, err error) {
|
||||||
|
if len(ids) == 0 {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
err = u.db.WithContext(ctx).Model(&LdapUser{}).Where("id in (?)", ids).Find(&resp).Error
|
||||||
|
return resp, err
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func AddLdapOrganizationMemberHandler(svcCtx *svc.ServiceContext) http.HandlerFu
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.AddLdapOrganizationMemberReq
|
var req types.AddLdapOrganizationMemberReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func AddLdapOrganizationMemberHandler(svcCtx *svc.ServiceContext) http.HandlerFu
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.AddLdapOrganizationMember(&req, userinfo)
|
resp := l.AddLdapOrganizationMember(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func CreateLdapOrganizationHandler(svcCtx *svc.ServiceContext) http.HandlerFunc
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.CreateLdapOrganizationReq
|
var req types.CreateLdapOrganizationReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func CreateLdapOrganizationHandler(svcCtx *svc.ServiceContext) http.HandlerFunc
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.CreateLdapOrganization(&req, userinfo)
|
resp := l.CreateLdapOrganization(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func CreateLdapUserBaseGroupHandler(svcCtx *svc.ServiceContext) http.HandlerFunc
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.Request
|
var req types.Request
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func CreateLdapUserBaseGroupHandler(svcCtx *svc.ServiceContext) http.HandlerFunc
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.CreateLdapUserBaseGroup(&req, userinfo)
|
resp := l.CreateLdapUserBaseGroup(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func CreateLdapUserHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.CreateLdapUserReq
|
var req types.CreateLdapUserReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func CreateLdapUserHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.CreateLdapUser(&req, userinfo)
|
resp := l.CreateLdapUser(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func DeleteLdapOrganizationHandler(svcCtx *svc.ServiceContext) http.HandlerFunc
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.DeleteLdapOrganizationReq
|
var req types.DeleteLdapOrganizationReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func DeleteLdapOrganizationHandler(svcCtx *svc.ServiceContext) http.HandlerFunc
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.DeleteLdapOrganization(&req, userinfo)
|
resp := l.DeleteLdapOrganization(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func DeleteLdapUserHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.DeleteLdapUserReq
|
var req types.DeleteLdapUserReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func DeleteLdapUserHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.DeleteLdapUser(&req, userinfo)
|
resp := l.DeleteLdapUser(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func GetLdapOrganizationMembersHandler(svcCtx *svc.ServiceContext) http.HandlerF
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.GetLdapOrganizationMembersReq
|
var req types.GetLdapOrganizationMembersReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func GetLdapOrganizationMembersHandler(svcCtx *svc.ServiceContext) http.HandlerF
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.GetLdapOrganizationMembers(&req, userinfo)
|
resp := l.GetLdapOrganizationMembers(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func GetLdapOrganizationsHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.Request
|
var req types.Request
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func GetLdapOrganizationsHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.GetLdapOrganizations(&req, userinfo)
|
resp := l.GetLdapOrganizations(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func GetLdapUserInfoHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.GetLdapUserInfoReq
|
var req types.GetLdapUserInfoReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func GetLdapUserInfoHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.GetLdapUserInfo(&req, userinfo)
|
resp := l.GetLdapUserInfo(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func GetLdapUsersHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.GetLdapUsersReq
|
var req types.GetLdapUsersReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func GetLdapUsersHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.GetLdapUsers(&req, userinfo)
|
resp := l.GetLdapUsers(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
35
server/ldap-admin/internal/handler/ldapuserloginhandler.go
Normal file
35
server/ldap-admin/internal/handler/ldapuserloginhandler.go
Normal file
|
|
@ -0,0 +1,35 @@
|
||||||
|
package handler
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
"reflect"
|
||||||
|
|
||||||
|
"fusenapi/utils/basic"
|
||||||
|
|
||||||
|
"fusenapi/server/ldap-admin/internal/logic"
|
||||||
|
"fusenapi/server/ldap-admin/internal/svc"
|
||||||
|
"fusenapi/server/ldap-admin/internal/types"
|
||||||
|
)
|
||||||
|
|
||||||
|
func LdapUserLoginHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
|
var req types.LdapUserLoginReq
|
||||||
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// 创建一个业务逻辑层实例
|
||||||
|
l := logic.NewLdapUserLoginLogic(r.Context(), svcCtx)
|
||||||
|
|
||||||
|
rl := reflect.ValueOf(l)
|
||||||
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
|
resp := l.LdapUserLogin(&req)
|
||||||
|
|
||||||
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -15,7 +15,7 @@ func RemoveLdapOrganizationMemberHandler(svcCtx *svc.ServiceContext) http.Handle
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.RemoveLdapOrganizationMemberReq
|
var req types.RemoveLdapOrganizationMemberReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func RemoveLdapOrganizationMemberHandler(svcCtx *svc.ServiceContext) http.Handle
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.RemoveLdapOrganizationMember(&req, userinfo)
|
resp := l.RemoveLdapOrganizationMember(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -147,6 +147,11 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) {
|
||||||
Path: "/api/ldap-admin/get_ldap_users",
|
Path: "/api/ldap-admin/get_ldap_users",
|
||||||
Handler: GetLdapUsersHandler(serverCtx),
|
Handler: GetLdapUsersHandler(serverCtx),
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
Method: http.MethodPost,
|
||||||
|
Path: "/api/ldap-admin/ldap_user_login",
|
||||||
|
Handler: LdapUserLoginHandler(serverCtx),
|
||||||
|
},
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func UpdateLdapOrganizationHandler(svcCtx *svc.ServiceContext) http.HandlerFunc
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.UpdateLdapOrganizationReq
|
var req types.UpdateLdapOrganizationReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func UpdateLdapOrganizationHandler(svcCtx *svc.ServiceContext) http.HandlerFunc
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.UpdateLdapOrganization(&req, userinfo)
|
resp := l.UpdateLdapOrganization(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func UpdateLdapUserHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.UpdateLdapUserReq
|
var req types.UpdateLdapUserReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func UpdateLdapUserHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.UpdateLdapUser(&req, userinfo)
|
resp := l.UpdateLdapUser(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ func UpdateLdapUserPwdHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
var req types.UpdateLdapUserPwdReq
|
var req types.UpdateLdapUserPwdReq
|
||||||
userinfo, err := basic.RequestParse(w, r, svcCtx, &req)
|
_, err := basic.RequestParse(w, r, svcCtx, &req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
@ -26,7 +26,7 @@ func UpdateLdapUserPwdHandler(svcCtx *svc.ServiceContext) http.HandlerFunc {
|
||||||
rl := reflect.ValueOf(l)
|
rl := reflect.ValueOf(l)
|
||||||
basic.BeforeLogic(w, r, rl)
|
basic.BeforeLogic(w, r, rl)
|
||||||
|
|
||||||
resp := l.UpdateLdapUserPwd(&req, userinfo)
|
resp := l.UpdateLdapUserPwd(&req, r)
|
||||||
|
|
||||||
if !basic.AfterLogic(w, r, rl, resp) {
|
if !basic.AfterLogic(w, r, rl, resp) {
|
||||||
basic.NormalAfterLogic(w, r, resp)
|
basic.NormalAfterLogic(w, r, resp)
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,9 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/email"
|
"fusenapi/utils/email"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
@ -33,7 +32,11 @@ func NewAddLdapOrganizationMemberLogic(ctx context.Context, svcCtx *svc.ServiceC
|
||||||
// func (l *AddLdapOrganizationMemberLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *AddLdapOrganizationMemberLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.AddLdapOrganizationMemberReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.AddLdapOrganizationMemberReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||||
|
|
@ -46,8 +49,7 @@ func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.Ad
|
||||||
if !email.IsEmailValid(cnEmail) {
|
if !email.IsEmailValid(cnEmail) {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
err := l.svcCtx.Ldap.AddUserToOrganization(req.OrganizationDN, req.UserDN)
|
||||||
err := ldapServer.AddUserToOrganization(req.OrganizationDN, req.UserDN)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加成员失败,"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加成员失败,"+err.Error())
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,9 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/chinese_to_pinyin"
|
"fusenapi/utils/chinese_to_pinyin"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
@ -33,7 +32,11 @@ func NewCreateLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont
|
||||||
// func (l *CreateLdapOrganizationLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *CreateLdapOrganizationLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLdapOrganizationReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLdapOrganizationReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.OrganizationEnName = strings.Trim(req.OrganizationEnName, " ")
|
req.OrganizationEnName = strings.Trim(req.OrganizationEnName, " ")
|
||||||
req.ParentOrganizationDN = strings.Trim(req.ParentOrganizationDN, " ")
|
req.ParentOrganizationDN = strings.Trim(req.ParentOrganizationDN, " ")
|
||||||
req.BusinessCategory = strings.Trim(req.BusinessCategory, " ")
|
req.BusinessCategory = strings.Trim(req.BusinessCategory, " ")
|
||||||
|
|
@ -52,8 +55,7 @@ func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLd
|
||||||
}
|
}
|
||||||
//组装organization dn
|
//组装organization dn
|
||||||
organizationDN := "ou=" + req.OrganizationEnName + "," + req.ParentOrganizationDN
|
organizationDN := "ou=" + req.OrganizationEnName + "," + req.ParentOrganizationDN
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
err := l.svcCtx.Ldap.Create(organizationDN, map[string][]string{
|
||||||
err := ldapServer.Create(organizationDN, map[string][]string{
|
|
||||||
"objectClass": {"top", "groupOfUniqueNames"},
|
"objectClass": {"top", "groupOfUniqueNames"},
|
||||||
"cn": {req.OrganizationEnName},
|
"cn": {req.OrganizationEnName},
|
||||||
"ou": {req.OrganizationEnName},
|
"ou": {req.OrganizationEnName},
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,8 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
||||||
|
|
@ -31,9 +30,12 @@ func NewCreateLdapUserBaseGroupLogic(ctx context.Context, svcCtx *svc.ServiceCon
|
||||||
// func (l *CreateLdapUserBaseGroupLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *CreateLdapUserBaseGroupLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *CreateLdapUserBaseGroupLogic) CreateLdapUserBaseGroup(req *types.Request, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *CreateLdapUserBaseGroupLogic) CreateLdapUserBaseGroup(req *types.Request, r *http.Request) (resp *basic.Response) {
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
|
||||||
err := ldapServer.Create(l.svcCtx.Config.Ldap.PeopleGroupDN, map[string][]string{
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
|
err := l.svcCtx.Ldap.Create(l.svcCtx.Config.Ldap.PeopleGroupDN, map[string][]string{
|
||||||
"objectClass": {"top", "organizationalUnit"},
|
"objectClass": {"top", "organizationalUnit"},
|
||||||
"ou": {"FusenTeam"},
|
"ou": {"FusenTeam"},
|
||||||
"businessCategory": {"FUSEN团队"},
|
"businessCategory": {"FUSEN团队"},
|
||||||
|
|
|
||||||
|
|
@ -3,13 +3,14 @@ package logic
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"fusenapi/model/gmodel"
|
"fusenapi/model/gmodel"
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/chinese_to_pinyin"
|
"fusenapi/utils/chinese_to_pinyin"
|
||||||
"fusenapi/utils/email"
|
"fusenapi/utils/email"
|
||||||
"fusenapi/utils/encryption_decryption"
|
"fusenapi/utils/encryption_decryption"
|
||||||
"fusenapi/utils/ldap_lib"
|
"gorm.io/gorm"
|
||||||
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
||||||
|
|
@ -37,7 +38,11 @@ func NewCreateLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Cr
|
||||||
// func (l *CreateLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *CreateLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.UserName = strings.Trim(req.UserName, " ")
|
req.UserName = strings.Trim(req.UserName, " ")
|
||||||
req.Mobile = strings.Trim(req.Mobile, " ")
|
req.Mobile = strings.Trim(req.Mobile, " ")
|
||||||
req.Email = strings.Trim(req.Email, " ")
|
req.Email = strings.Trim(req.Email, " ")
|
||||||
|
|
@ -54,22 +59,25 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri
|
||||||
if !email.IsEmailValid(req.Email) {
|
if !email.IsEmailValid(req.Email) {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,邮箱格式不正确")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,邮箱格式不正确")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
|
||||||
//把用户名转pinyin
|
//把用户名转pinyin
|
||||||
userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
|
userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
|
||||||
//新增一条记录获取递增用户id
|
|
||||||
userData := &gmodel.LdapUser{}
|
|
||||||
if err := l.svcCtx.AllModels.LdapUser.Create(l.ctx, userData); err != nil {
|
|
||||||
logx.Error(err)
|
|
||||||
return resp.SetStatusWithMessage(basic.CodeDbSqlErr, "获取自增用户id失败")
|
|
||||||
}
|
|
||||||
userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||||
|
//新增一条记录获取递增用户id
|
||||||
|
now := time.Now().UTC()
|
||||||
|
err := l.svcCtx.MysqlConn.Transaction(func(tx *gorm.DB) error {
|
||||||
|
userData := &gmodel.LdapUser{
|
||||||
|
UserDn: &userDN,
|
||||||
|
Ctime: &now,
|
||||||
|
Utime: &now,
|
||||||
|
}
|
||||||
|
if err := tx.WithContext(l.ctx).Model(&gmodel.LdapUser{}).Create(userData).Error; err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
pwd, err := encryption_decryption.CBCEncrypt(req.Password)
|
pwd, err := encryption_decryption.CBCEncrypt(req.Password)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
return err
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "加密密码失败")
|
|
||||||
}
|
}
|
||||||
if err := ldapServer.Create(userDN, map[string][]string{
|
return l.svcCtx.Ldap.Create(userDN, map[string][]string{
|
||||||
"objectClass": {"person", "organizationalPerson", "inetOrgPerson", "posixAccount", "top", "shadowAccount"}, //固有属性
|
"objectClass": {"person", "organizationalPerson", "inetOrgPerson", "posixAccount", "top", "shadowAccount"}, //固有属性
|
||||||
"shadowLastChange": {"19676"}, //固有属性
|
"shadowLastChange": {"19676"}, //固有属性
|
||||||
"shadowMin": {"0"}, //固有属性
|
"shadowMin": {"0"}, //固有属性
|
||||||
|
|
@ -89,8 +97,9 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri
|
||||||
"postalAddress": {req.Avatar}, //头像
|
"postalAddress": {req.Avatar}, //头像
|
||||||
"mobile": {req.Mobile}, //手机号
|
"mobile": {req.Mobile}, //手机号
|
||||||
"userPassword": {"{crypt}" + pwd}, //密码
|
"userPassword": {"{crypt}" + pwd}, //密码
|
||||||
}); err != nil {
|
})
|
||||||
logx.Error(err)
|
})
|
||||||
|
if err != nil {
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加用户失败,"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加用户失败,"+err.Error())
|
||||||
}
|
}
|
||||||
return resp.SetStatusWithMessage(basic.CodeOK, "添加用户成功")
|
return resp.SetStatusWithMessage(basic.CodeOK, "添加用户成功")
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,8 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
@ -32,13 +31,16 @@ func NewDeleteLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont
|
||||||
// func (l *DeleteLdapOrganizationLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *DeleteLdapOrganizationLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *DeleteLdapOrganizationLogic) DeleteLdapOrganization(req *types.DeleteLdapOrganizationReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *DeleteLdapOrganizationLogic) DeleteLdapOrganization(req *types.DeleteLdapOrganizationReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
if err := l.svcCtx.Ldap.Delete(req.OrganizationDN); err != nil {
|
||||||
if err := ldapServer.Delete(req.OrganizationDN); err != nil {
|
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "删除ldap组织失败,"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "删除ldap组织失败,"+err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,8 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
@ -32,13 +31,16 @@ func NewDeleteLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *De
|
||||||
// func (l *DeleteLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *DeleteLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *DeleteLdapUserLogic) DeleteLdapUser(req *types.DeleteLdapUserReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *DeleteLdapUserLogic) DeleteLdapUser(req *types.DeleteLdapUserReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||||
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
|
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
err := l.svcCtx.Ldap.Update(req.UserDN, map[string][]string{
|
||||||
err := ldapServer.Update(req.UserDN, map[string][]string{
|
|
||||||
"postalCode": {"0"},
|
"postalCode": {"0"},
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
|
|
@ -2,10 +2,9 @@ package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/ldap_lib"
|
|
||||||
"github.com/go-ldap/ldap/v3"
|
"github.com/go-ldap/ldap/v3"
|
||||||
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
@ -34,13 +33,16 @@ func NewGetLdapOrganizationMembersLogic(ctx context.Context, svcCtx *svc.Service
|
||||||
// func (l *GetLdapOrganizationMembersLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *GetLdapOrganizationMembersLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.GetLdapOrganizationMembersReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.GetLdapOrganizationMembersReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
|
||||||
}
|
}
|
||||||
//先获取组织成员
|
//先获取组织成员
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
|
||||||
//获取跟用户dn筛选排除该用户
|
//获取跟用户dn筛选排除该用户
|
||||||
rootDNSlice := strings.Split(l.svcCtx.Config.Ldap.RootDN, ",")
|
rootDNSlice := strings.Split(l.svcCtx.Config.Ldap.RootDN, ",")
|
||||||
if len(rootDNSlice) == 0 {
|
if len(rootDNSlice) == 0 {
|
||||||
|
|
@ -49,7 +51,7 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.
|
||||||
rootCn := rootDNSlice[0]
|
rootCn := rootDNSlice[0]
|
||||||
filter := "(&(objectClass=groupOfUniqueNames)(!(" + rootCn + ")))"
|
filter := "(&(objectClass=groupOfUniqueNames)(!(" + rootCn + ")))"
|
||||||
fields := []string{"uniqueMember"} //只是查询成员
|
fields := []string{"uniqueMember"} //只是查询成员
|
||||||
result, err := ldapServer.Search(req.OrganizationDN, ldap.ScopeWholeSubtree, filter, fields, nil)
|
result, err := l.svcCtx.Ldap.Search(req.OrganizationDN, ldap.ScopeWholeSubtree, filter, fields, nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询ldap组织成员错误,"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询ldap组织成员错误,"+err.Error())
|
||||||
|
|
@ -74,7 +76,7 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.
|
||||||
}
|
}
|
||||||
//解析dn成每个小的单元
|
//解析dn成每个小的单元
|
||||||
cellList := strings.Split(memberDn, ",") //取cn邮箱
|
cellList := strings.Split(memberDn, ",") //取cn邮箱
|
||||||
filterBuilder.WriteString(fmt.Sprintf("(&%s)", "("+cellList[0]+")"))
|
filterBuilder.WriteString(fmt.Sprintf("(%s)", cellList[0]))
|
||||||
}
|
}
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
|
|
@ -83,13 +85,20 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.
|
||||||
//从新赋值filter
|
//从新赋值filter
|
||||||
filter = "(&(objectClass=posixAccount)(objectClass=inetOrgPerson)(|" + filterBuilder.String() + "))"
|
filter = "(&(objectClass=posixAccount)(objectClass=inetOrgPerson)(|" + filterBuilder.String() + "))"
|
||||||
//从用户基本组中找到员工
|
//从用户基本组中找到员工
|
||||||
userList, err := ldapServer.GetLdapBaseTeamUsersByParams(filter)
|
userList, err := l.svcCtx.Ldap.GetLdapBaseTeamUsersByParams(filter)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询ldap帐号信息失败,"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询ldap帐号信息失败,"+err.Error())
|
||||||
}
|
}
|
||||||
list := make([]types.GetLdapOrganizationMembersItem, 0, memberCount)
|
list := make([]types.GetLdapOrganizationMembersItem, 0, memberCount)
|
||||||
for _, user := range userList {
|
for _, user := range userList {
|
||||||
|
if user.Status != 1 {
|
||||||
|
//从部门member中移出
|
||||||
|
if err = l.svcCtx.Ldap.RemoveUserFromOrganization(req.OrganizationDN, user.UserDN); err != nil {
|
||||||
|
logx.Error("移除用户成员失败:", err)
|
||||||
|
}
|
||||||
|
continue
|
||||||
|
}
|
||||||
list = append(list, types.GetLdapOrganizationMembersItem{
|
list = append(list, types.GetLdapOrganizationMembersItem{
|
||||||
UserId: user.UserId,
|
UserId: user.UserId,
|
||||||
UserDN: user.UserDN,
|
UserDN: user.UserDN,
|
||||||
|
|
@ -99,8 +108,6 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.
|
||||||
Avatar: user.Avatar,
|
Avatar: user.Avatar,
|
||||||
EmployeeType: user.EmployeeType,
|
EmployeeType: user.EmployeeType,
|
||||||
Status: user.Status,
|
Status: user.Status,
|
||||||
//CreateTime: user.CreateTime.Format("2006-01-02 15:04:05"),
|
|
||||||
//UpdateTime: user.UpdateTime.Format("2006-01-02 15:04:05"),
|
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
return resp.SetStatusWithMessage(basic.CodeOK, "success", types.GetLdapOrganizationMembersRsp{
|
return resp.SetStatusWithMessage(basic.CodeOK, "success", types.GetLdapOrganizationMembersRsp{
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,9 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/ldap_lib"
|
|
||||||
"github.com/go-ldap/ldap/v3"
|
"github.com/go-ldap/ldap/v3"
|
||||||
|
"net/http"
|
||||||
"sort"
|
"sort"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
|
@ -42,20 +41,23 @@ type DNItem struct {
|
||||||
Child []*DNItem `json:"child"`
|
Child []*DNItem `json:"child"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
//从ldap获取组织架构数据
|
//从ldap获取组织架构数据
|
||||||
rootCn := strings.Split(l.svcCtx.Config.Ldap.RootDN, ",")
|
rootCn := strings.Split(l.svcCtx.Config.Ldap.RootDN, ",")
|
||||||
if len(rootCn) == 0 {
|
if len(rootCn) == 0 {
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "root用户DN未设置")
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "root用户DN未设置")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
|
||||||
peopleDNSlice := strings.Split(l.svcCtx.Config.Ldap.PeopleGroupDN, ",")
|
peopleDNSlice := strings.Split(l.svcCtx.Config.Ldap.PeopleGroupDN, ",")
|
||||||
if len(peopleDNSlice) <= 1 {
|
if len(peopleDNSlice) <= 1 {
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置")
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置")
|
||||||
}
|
}
|
||||||
filter := "(|(&(objectClass=groupOfUniqueNames)(objectClass=top))(objectClass=organization))"
|
filter := "(|(&(objectClass=groupOfUniqueNames)(objectClass=top))(objectClass=organization))"
|
||||||
fields := []string{"businessCategory", "dn", "uniqueMember"}
|
fields := []string{"businessCategory", "dn", "uniqueMember"}
|
||||||
searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, fields, nil)
|
searchResult, err := l.svcCtx.Ldap.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, fields, nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,10 +4,9 @@ import (
|
||||||
"context"
|
"context"
|
||||||
"fusenapi/server/ldap-admin/internal/svc"
|
"fusenapi/server/ldap-admin/internal/svc"
|
||||||
"fusenapi/server/ldap-admin/internal/types"
|
"fusenapi/server/ldap-admin/internal/types"
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/email"
|
"fusenapi/utils/email"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/zeromicro/go-zero/core/logx"
|
"github.com/zeromicro/go-zero/core/logx"
|
||||||
|
|
@ -31,7 +30,11 @@ func NewGetLdapUserInfoLogic(ctx context.Context, svcCtx *svc.ServiceContext) *G
|
||||||
// func (l *GetLdapUserInfoLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *GetLdapUserInfoLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
|
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户DN错误")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户DN错误")
|
||||||
}
|
}
|
||||||
|
|
@ -39,8 +42,7 @@ func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, us
|
||||||
if !email.IsEmailValid(cnEmail) {
|
if !email.IsEmailValid(cnEmail) {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
user, err := l.svcCtx.Ldap.GetLdapUserInfo(req.UserDN)
|
||||||
user, err := ldapServer.GetLdapUserInfo(req.UserDN)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error())
|
||||||
|
|
@ -54,8 +56,6 @@ func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, us
|
||||||
Avatar: user.Avatar,
|
Avatar: user.Avatar,
|
||||||
Status: user.Status,
|
Status: user.Status,
|
||||||
EmployeeTpye: user.EmployeeType,
|
EmployeeTpye: user.EmployeeType,
|
||||||
//CreateTime: user.CreateTime.Format("2006-01-02 15:04:05"),
|
|
||||||
//UpdateTime: user.UpdateTime.Format("2006-01-02 15:04:05"),
|
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,8 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
@ -32,11 +31,14 @@ func NewGetLdapUsersLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetL
|
||||||
// func (l *GetLdapUsersLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *GetLdapUsersLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *GetLdapUsersLogic) GetLdapUsers(req *types.GetLdapUsersReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *GetLdapUsersLogic) GetLdapUsers(req *types.GetLdapUsersReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.PageCookie = strings.Trim(req.PageCookie, " ")
|
req.PageCookie = strings.Trim(req.PageCookie, " ")
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
|
||||||
pageSize := uint32(20)
|
pageSize := uint32(20)
|
||||||
list, cookie, err := ldapServer.GetLdapBaseTeamUserList(pageSize, req.PageCookie)
|
list, cookie, err := l.svcCtx.Ldap.GetLdapBaseTeamUserList(pageSize, req.PageCookie)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询用户列表报错,"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询用户列表报错,"+err.Error())
|
||||||
|
|
@ -52,8 +54,6 @@ func (l *GetLdapUsersLogic) GetLdapUsers(req *types.GetLdapUsersReq, userinfo *a
|
||||||
Avatar: v.Avatar,
|
Avatar: v.Avatar,
|
||||||
EmployeeType: v.EmployeeType,
|
EmployeeType: v.EmployeeType,
|
||||||
Status: v.Status,
|
Status: v.Status,
|
||||||
//CreateTime: v.CreateTime.Format("2006-01-02 15:04:05"),
|
|
||||||
//UpdateTime: v.UpdateTime.Format("2006-01-02 15:04:05"),
|
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
return resp.SetStatusWithMessage(basic.CodeOK, "success", types.GetLdapUsersRsp{
|
return resp.SetStatusWithMessage(basic.CodeOK, "success", types.GetLdapUsersRsp{
|
||||||
|
|
|
||||||
80
server/ldap-admin/internal/logic/ldapuserloginlogic.go
Normal file
80
server/ldap-admin/internal/logic/ldapuserloginlogic.go
Normal file
|
|
@ -0,0 +1,80 @@
|
||||||
|
package logic
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"fusenapi/utils/basic"
|
||||||
|
"fusenapi/utils/email"
|
||||||
|
"fusenapi/utils/encryption_decryption"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"context"
|
||||||
|
|
||||||
|
"fusenapi/server/ldap-admin/internal/svc"
|
||||||
|
"fusenapi/server/ldap-admin/internal/types"
|
||||||
|
|
||||||
|
"github.com/zeromicro/go-zero/core/logx"
|
||||||
|
)
|
||||||
|
|
||||||
|
type LdapUserLoginLogic struct {
|
||||||
|
logx.Logger
|
||||||
|
ctx context.Context
|
||||||
|
svcCtx *svc.ServiceContext
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewLdapUserLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *LdapUserLoginLogic {
|
||||||
|
return &LdapUserLoginLogic{
|
||||||
|
Logger: logx.WithContext(ctx),
|
||||||
|
ctx: ctx,
|
||||||
|
svcCtx: svcCtx,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// 处理进入前逻辑w,r
|
||||||
|
// func (l *LdapUserLoginLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
|
// }
|
||||||
|
|
||||||
|
func (l *LdapUserLoginLogic) LdapUserLogin(req *types.LdapUserLoginReq) (resp *basic.Response) {
|
||||||
|
req.Email = strings.Trim(req.Email, " ")
|
||||||
|
req.Password = strings.Trim(req.Password, " ")
|
||||||
|
if !email.IsEmailValid(req.Email) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "邮箱格式不正确")
|
||||||
|
}
|
||||||
|
userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||||
|
//查询dn
|
||||||
|
|
||||||
|
ldapUserInfo, err := l.svcCtx.Ldap.GetLdapUserInfo(userDN)
|
||||||
|
if err != nil {
|
||||||
|
logx.Error(err)
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "获取用户信息失败,"+err.Error())
|
||||||
|
}
|
||||||
|
if ldapUserInfo.Status != 1 {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限登录")
|
||||||
|
}
|
||||||
|
if len(ldapUserInfo.Password) <= 7 {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "该帐号密码异常")
|
||||||
|
}
|
||||||
|
//解密密码
|
||||||
|
ldapPwd, err := encryption_decryption.CBCDecrypt(ldapUserInfo.Password[7:])
|
||||||
|
if err != nil {
|
||||||
|
logx.Error(err)
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "验证密码出错了!")
|
||||||
|
}
|
||||||
|
//比较密码
|
||||||
|
if ldapPwd != req.Password {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "密码错误!")
|
||||||
|
}
|
||||||
|
//生成token
|
||||||
|
token, err := l.svcCtx.Ldap.GenJwtToken(ldapUserInfo.UserId, l.svcCtx.Config.Auth.AccessExpire, ldapUserInfo.UserDN, l.svcCtx.Config.Auth.AccessSecret)
|
||||||
|
if err != nil {
|
||||||
|
logx.Error(err)
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "生成登录凭证失败")
|
||||||
|
}
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeOK, "success", types.LdapUserLoginRsp{
|
||||||
|
Token: token,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
|
||||||
|
// func (l *LdapUserLoginLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
|
||||||
|
// // httpx.OkJsonCtx(r.Context(), w, resp)
|
||||||
|
// }
|
||||||
|
|
@ -1,10 +1,9 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/email"
|
"fusenapi/utils/email"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
@ -33,7 +32,11 @@ func NewRemoveLdapOrganizationMemberLogic(ctx context.Context, svcCtx *svc.Servi
|
||||||
// func (l *RemoveLdapOrganizationMemberLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *RemoveLdapOrganizationMemberLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *types.RemoveLdapOrganizationMemberReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *types.RemoveLdapOrganizationMemberReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||||
|
|
@ -46,8 +49,7 @@ func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *ty
|
||||||
if !email.IsEmailValid(cnEmail) {
|
if !email.IsEmailValid(cnEmail) {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
err := l.svcCtx.Ldap.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN)
|
||||||
err := ldapServer.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "移除成员失败,"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "移除成员失败,"+err.Error())
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,8 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
@ -32,7 +31,11 @@ func NewUpdateLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont
|
||||||
// func (l *UpdateLdapOrganizationLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *UpdateLdapOrganizationLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLdapOrganizationReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLdapOrganizationReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||||
if req.OrganizationDN == "" {
|
if req.OrganizationDN == "" {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,组织DN不能为空")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,组织DN不能为空")
|
||||||
|
|
@ -40,8 +43,7 @@ func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLd
|
||||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
if err := l.svcCtx.Ldap.Update(req.OrganizationDN, map[string][]string{
|
||||||
if err := ldapServer.Update(req.OrganizationDN, map[string][]string{
|
|
||||||
"businessCategory": {req.BusinessCategory},
|
"businessCategory": {req.BusinessCategory},
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
|
|
|
||||||
|
|
@ -2,12 +2,13 @@ package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"fusenapi/utils/auth"
|
"fusenapi/model/gmodel"
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/chinese_to_pinyin"
|
"fusenapi/utils/chinese_to_pinyin"
|
||||||
"fusenapi/utils/email"
|
"fusenapi/utils/email"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
||||||
|
|
@ -35,7 +36,11 @@ func NewUpdateLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Up
|
||||||
// func (l *UpdateLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *UpdateLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||||
req.Mobile = strings.Trim(req.Mobile, " ")
|
req.Mobile = strings.Trim(req.Mobile, " ")
|
||||||
req.Avatar = strings.Trim(req.Avatar, " ")
|
req.Avatar = strings.Trim(req.Avatar, " ")
|
||||||
|
|
@ -52,7 +57,7 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri
|
||||||
}
|
}
|
||||||
//把用户名转pinyin
|
//把用户名转pinyin
|
||||||
userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
|
userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
now := time.Now()
|
||||||
//更新的属性
|
//更新的属性
|
||||||
attr := map[string][]string{
|
attr := map[string][]string{
|
||||||
"homeDirectory": {"/home/users/" + userNamePinyin},
|
"homeDirectory": {"/home/users/" + userNamePinyin},
|
||||||
|
|
@ -64,11 +69,17 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri
|
||||||
"postalCode": {fmt.Sprintf("%d", req.Status)},
|
"postalCode": {fmt.Sprintf("%d", req.Status)},
|
||||||
"employeeType": {fmt.Sprintf("%d", req.EmployeeType)},
|
"employeeType": {fmt.Sprintf("%d", req.EmployeeType)},
|
||||||
}
|
}
|
||||||
err := ldapServer.Update(req.UserDN, attr)
|
err := l.svcCtx.Ldap.Update(req.UserDN, attr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "更新用户失败,"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "更新用户失败,"+err.Error())
|
||||||
}
|
}
|
||||||
|
err = l.svcCtx.AllModels.LdapUser.Update(l.ctx, req.UserDN, &gmodel.LdapUser{
|
||||||
|
Utime: &now,
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
logx.Error(err)
|
||||||
|
}
|
||||||
return resp.SetStatusWithMessage(basic.CodeOK, "更新用户成功")
|
return resp.SetStatusWithMessage(basic.CodeOK, "更新用户成功")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,10 @@
|
||||||
package logic
|
package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fusenapi/utils/auth"
|
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/email"
|
"fusenapi/utils/email"
|
||||||
"fusenapi/utils/encryption_decryption"
|
"fusenapi/utils/encryption_decryption"
|
||||||
"fusenapi/utils/ldap_lib"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
|
|
@ -34,7 +33,11 @@ func NewUpdateLdapUserPwdLogic(ctx context.Context, svcCtx *svc.ServiceContext)
|
||||||
// func (l *UpdateLdapUserPwdLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
// func (l *UpdateLdapUserPwdLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||||
// }
|
// }
|
||||||
|
|
||||||
func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdReq, r *http.Request) (resp *basic.Response) {
|
||||||
|
|
||||||
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||||
|
}
|
||||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||||
req.NewPassword = strings.Trim(req.NewPassword, " ")
|
req.NewPassword = strings.Trim(req.NewPassword, " ")
|
||||||
req.OldPassword = strings.Trim(req.OldPassword, " ")
|
req.OldPassword = strings.Trim(req.OldPassword, " ")
|
||||||
|
|
@ -48,9 +51,8 @@ func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdR
|
||||||
if !email.IsEmailValid(cnEmail) {
|
if !email.IsEmailValid(cnEmail) {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
|
||||||
//查询个人信息
|
//查询个人信息
|
||||||
user, err := ldapServer.GetLdapUserInfo(req.UserDN)
|
user, err := l.svcCtx.Ldap.GetLdapUserInfo(req.UserDN)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error())
|
||||||
|
|
@ -73,7 +75,7 @@ func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdR
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "加密密码失败")
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "加密密码失败")
|
||||||
}
|
}
|
||||||
err = ldapServer.Update(req.UserDN, map[string][]string{
|
err = l.svcCtx.Ldap.Update(req.UserDN, map[string][]string{
|
||||||
"userPassword": {"{crypt}" + newPwd},
|
"userPassword": {"{crypt}" + newPwd},
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,7 @@ import (
|
||||||
"fusenapi/initalize"
|
"fusenapi/initalize"
|
||||||
"fusenapi/model/gmodel"
|
"fusenapi/model/gmodel"
|
||||||
"fusenapi/server/ldap-admin/internal/config"
|
"fusenapi/server/ldap-admin/internal/config"
|
||||||
"github.com/go-ldap/ldap/v3"
|
"fusenapi/utils/ldap_lib"
|
||||||
"gorm.io/gorm"
|
"gorm.io/gorm"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -13,17 +13,17 @@ type ServiceContext struct {
|
||||||
MysqlConn *gorm.DB
|
MysqlConn *gorm.DB
|
||||||
AllModels *gmodel.AllModelsGen
|
AllModels *gmodel.AllModelsGen
|
||||||
RabbitMq *initalize.RabbitMqHandle
|
RabbitMq *initalize.RabbitMqHandle
|
||||||
Ldap *ldap.Conn
|
Ldap *ldap_lib.Ldap
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewServiceContext(c config.Config) *ServiceContext {
|
func NewServiceContext(c config.Config) *ServiceContext {
|
||||||
conn := initalize.InitMysql(c.SourceMysql)
|
conn := initalize.InitMysql(c.SourceMysql)
|
||||||
|
ldapConn := initalize.InitLdap(c.Ldap.Host, c.Ldap.BindDN, c.Ldap.Password)
|
||||||
return &ServiceContext{
|
return &ServiceContext{
|
||||||
Config: c,
|
Config: c,
|
||||||
MysqlConn: conn,
|
MysqlConn: conn,
|
||||||
AllModels: gmodel.NewAllModels(initalize.InitMysql(c.SourceMysql)),
|
AllModels: gmodel.NewAllModels(initalize.InitMysql(c.SourceMysql)),
|
||||||
RabbitMq: initalize.InitRabbitMq(c.SourceRabbitMq, nil),
|
RabbitMq: initalize.InitRabbitMq(c.SourceRabbitMq, nil),
|
||||||
Ldap: initalize.InitLdap(c.Ldap.Host, c.Ldap.BindDN, c.Ldap.Password),
|
Ldap: ldap_lib.NewLdap(ldapConn, c.Ldap.BaseDN, c.Ldap.RootDN, c.Ldap.PeopleGroupDN, c.Auth.AccessSecret),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -190,8 +190,6 @@ type GetLdapUserInfoRsp struct {
|
||||||
Avatar string `json:"avatar"` //头像地址
|
Avatar string `json:"avatar"` //头像地址
|
||||||
EmployeeTpye int64 `json:"employee_tpye"` //雇佣类型 1正式 2实习 3外包
|
EmployeeTpye int64 `json:"employee_tpye"` //雇佣类型 1正式 2实习 3外包
|
||||||
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||||
CreateTime string `json:"create_time"`
|
|
||||||
UpdateTime string `json:"update_time"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
type AddLdapOrganizationMemberReq struct {
|
type AddLdapOrganizationMemberReq struct {
|
||||||
|
|
@ -221,8 +219,6 @@ type GetLdapOrganizationMembersItem struct {
|
||||||
Avatar string `json:"avatar"` //头像地址
|
Avatar string `json:"avatar"` //头像地址
|
||||||
EmployeeType int64 `json:"employee_type"`
|
EmployeeType int64 `json:"employee_type"`
|
||||||
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||||
CreateTime string `json:"create_time"`
|
|
||||||
UpdateTime string `json:"update_time"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
type GetLdapUsersReq struct {
|
type GetLdapUsersReq struct {
|
||||||
|
|
@ -243,8 +239,15 @@ type GetLdapUsersItem struct {
|
||||||
Avatar string `json:"avatar"` //头像地址
|
Avatar string `json:"avatar"` //头像地址
|
||||||
EmployeeType int64 `json:"employee_type"`
|
EmployeeType int64 `json:"employee_type"`
|
||||||
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||||
CreateTime string `json:"create_time"`
|
}
|
||||||
UpdateTime string `json:"update_time"`
|
|
||||||
|
type LdapUserLoginReq struct {
|
||||||
|
Email string `json:"email"`
|
||||||
|
Password string `json:"password"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type LdapUserLoginRsp struct {
|
||||||
|
Token string `json:"token"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Request struct {
|
type Request struct {
|
||||||
|
|
|
||||||
|
|
@ -94,6 +94,9 @@ service ldap-admin {
|
||||||
//获取基础用户组中成员列表
|
//获取基础用户组中成员列表
|
||||||
@handler GetLdapUsersHandler
|
@handler GetLdapUsersHandler
|
||||||
get /api/ldap-admin/get_ldap_users(GetLdapUsersReq) returns (response);
|
get /api/ldap-admin/get_ldap_users(GetLdapUsersReq) returns (response);
|
||||||
|
//登录
|
||||||
|
@handler LdapUserLoginHandler
|
||||||
|
post /api/ldap-admin/ldap_user_login(LdapUserLoginReq) returns (response);
|
||||||
}
|
}
|
||||||
|
|
||||||
type (
|
type (
|
||||||
|
|
@ -274,8 +277,6 @@ type GetLdapUserInfoRsp {
|
||||||
Avatar string `json:"avatar"` //头像地址
|
Avatar string `json:"avatar"` //头像地址
|
||||||
EmployeeTpye int64 `json:"employee_tpye"` //雇佣类型 1正式 2实习 3外包
|
EmployeeTpye int64 `json:"employee_tpye"` //雇佣类型 1正式 2实习 3外包
|
||||||
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||||
CreateTime string `json:"create_time"`
|
|
||||||
UpdateTime string `json:"update_time"`
|
|
||||||
}
|
}
|
||||||
//ldap组织添加成员
|
//ldap组织添加成员
|
||||||
type AddLdapOrganizationMemberReq {
|
type AddLdapOrganizationMemberReq {
|
||||||
|
|
@ -303,8 +304,6 @@ type GetLdapOrganizationMembersItem {
|
||||||
Avatar string `json:"avatar"` //头像地址
|
Avatar string `json:"avatar"` //头像地址
|
||||||
EmployeeType int64 `json:"employee_type"`
|
EmployeeType int64 `json:"employee_type"`
|
||||||
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||||
CreateTime string `json:"create_time"`
|
|
||||||
UpdateTime string `json:"update_time"`
|
|
||||||
}
|
}
|
||||||
//获取基础用户组中成员列表
|
//获取基础用户组中成员列表
|
||||||
type GetLdapUsersReq {
|
type GetLdapUsersReq {
|
||||||
|
|
@ -323,6 +322,12 @@ type GetLdapUsersItem {
|
||||||
Avatar string `json:"avatar"` //头像地址
|
Avatar string `json:"avatar"` //头像地址
|
||||||
EmployeeType int64 `json:"employee_type"`
|
EmployeeType int64 `json:"employee_type"`
|
||||||
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||||
CreateTime string `json:"create_time"`
|
}
|
||||||
UpdateTime string `json:"update_time"`
|
//登录
|
||||||
|
type LdapUserLoginReq {
|
||||||
|
Email string `json:"email"`
|
||||||
|
Password string `json:"password"`
|
||||||
|
}
|
||||||
|
type LdapUserLoginRsp {
|
||||||
|
Token string `json:"token"`
|
||||||
}
|
}
|
||||||
26
utils/ldap_lib/auth.go
Normal file
26
utils/ldap_lib/auth.go
Normal file
|
|
@ -0,0 +1,26 @@
|
||||||
|
package ldap_lib
|
||||||
|
|
||||||
|
import (
|
||||||
|
"github.com/zeromicro/go-zero/core/logx"
|
||||||
|
"net/http"
|
||||||
|
)
|
||||||
|
|
||||||
|
// 验证权限
|
||||||
|
func (l *Ldap) VerifyAuthority(r *http.Request, jwtSecret string) bool {
|
||||||
|
token := r.Header.Get("Ldap-Authorization")
|
||||||
|
info, err := l.ParseJwtToken(token, jwtSecret)
|
||||||
|
if err != nil {
|
||||||
|
logx.Error("解析token失败", err, "----token:", token)
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
//查询ldap
|
||||||
|
userInfo, err := l.GetLdapUserInfo(info.UserDN)
|
||||||
|
if err != nil {
|
||||||
|
logx.Error("获取ldap用户信息失败", err, "----user_dn:", info.UserDN)
|
||||||
|
}
|
||||||
|
if userInfo.Status != 1 {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
// TODO 查询权限组相关信息
|
||||||
|
return true
|
||||||
|
}
|
||||||
53
utils/ldap_lib/jwt_parse.go
Normal file
53
utils/ldap_lib/jwt_parse.go
Normal file
|
|
@ -0,0 +1,53 @@
|
||||||
|
package ldap_lib
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
|
"github.com/golang-jwt/jwt"
|
||||||
|
"time"
|
||||||
|
)
|
||||||
|
|
||||||
|
type UserInfo struct {
|
||||||
|
UserDN string `json:"user_dn"`
|
||||||
|
UserId int64 `json:"user_id"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// 生成token
|
||||||
|
func (l *Ldap) GenJwtToken(userId, expireTime int64, userDN, secret string) (token string, err error) {
|
||||||
|
t := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
|
||||||
|
"user_dn": userDN,
|
||||||
|
"user_id": userId,
|
||||||
|
"exp": time.Now().Add(time.Second * time.Duration(expireTime)).Unix(), //过期时间
|
||||||
|
"iss": "fusen",
|
||||||
|
})
|
||||||
|
token, err = t.SignedString([]byte(secret))
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
return "Bearer " + token, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// 解释token
|
||||||
|
func (l *Ldap) ParseJwtToken(token, secret string) (UserInfo, error) {
|
||||||
|
if len(token) <= 7 || token[:7] != "Bearer " {
|
||||||
|
return UserInfo{}, errors.New("无效的token")
|
||||||
|
}
|
||||||
|
token = token[7:]
|
||||||
|
t, err := jwt.ParseWithClaims(token, jwt.MapClaims{}, func(token *jwt.Token) (interface{}, error) {
|
||||||
|
return []byte(secret), nil
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
return UserInfo{}, err
|
||||||
|
}
|
||||||
|
d, err := json.Marshal(t.Claims)
|
||||||
|
if err != nil {
|
||||||
|
return UserInfo{}, err
|
||||||
|
}
|
||||||
|
var userInfo UserInfo
|
||||||
|
if err = json.Unmarshal(d, &userInfo); err != nil {
|
||||||
|
return UserInfo{}, err
|
||||||
|
}
|
||||||
|
return userInfo, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
|
@ -12,14 +12,16 @@ type Ldap struct {
|
||||||
rootDN string
|
rootDN string
|
||||||
conn *ldap.Conn
|
conn *ldap.Conn
|
||||||
peopleGroupDN string
|
peopleGroupDN string
|
||||||
|
jwtSecret string
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewLdap(conn *ldap.Conn, baseDN, rootDN, peopleGroupDN string) *Ldap {
|
func NewLdap(conn *ldap.Conn, baseDN, rootDN, peopleGroupDN, jwtSecret string) *Ldap {
|
||||||
return &Ldap{
|
return &Ldap{
|
||||||
baseDN: baseDN,
|
baseDN: baseDN,
|
||||||
rootDN: rootDN,
|
rootDN: rootDN,
|
||||||
conn: conn,
|
conn: conn,
|
||||||
peopleGroupDN: peopleGroupDN,
|
peopleGroupDN: peopleGroupDN,
|
||||||
|
jwtSecret: jwtSecret,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user